News
News
Joomla! - the dynamic portal engine and content management system

  • Joomla! 3.5 Beta 2 Released
    pimg src="https://www.joomla.org/images/joomla-beta.png" alt="Joomla Beta Logo" //p pThe Joomla! Project is pleased to announce the availability of a href="https://github.com/joomla/joomla-cms/releases/tag/3.5.0-beta2"Joomla! CMS 3.5 Beta 2/a. Community members are asked to download and install the package in order to provide quality assurance for the forthcoming 3.5 release./p pJoomla! 3 is the latest major release of the Joomla! CMS, with 3.5 the sixth standard-term support release in this series. Please note that going from 3.4 to 3.5 is a one-click upgrade and is NOT a migration. The same is true is for any subsequent versions in the 3 series of the CMS. That being said, please do not upgrade any of your production sites to the beta version as beta is strongONLY intended for testing and there is no upgrade path from Beta./strong/pdiv a href="http://feeds.joomla.org/~ff/JoomlaAnnouncements?a=ZW5QCVNl-Vw:d1DmdeXF3tw:yIl2AUoC8zA"img src="http://feeds.feedburner.com/~ff/JoomlaAnnouncements?d=yIl2AUoC8zA" border="0"/img/a a href="http://feeds.joomla.org/~ff/JoomlaAnnouncements?a=ZW5QCVNl-Vw:d1DmdeXF3tw:V_sGLiPBpWU"img src="http://feeds.feedburner.com/~ff/JoomlaAnnouncements?i=ZW5QCVNl-Vw:d1DmdeXF3tw:V_sGLiPBpWU" border="0"/img/a /divimg src="http://feeds.feedburner.com/~r/JoomlaAnnouncements/~4/ZW5QCVNl-Vw" height="1" width="1" alt=""/

  • Joomla! 3.4.8 Released
    div figureimg src="https://www.joomla.org/images/release-images/joomla_releases_348.jpg" alt="Joomla! 3.4.8 - Bug Release Available" //figure /div pJoomla! 3.4.8 is now available. This is a bug fix release for the 3.x series of Joomla This release fixes some bugs related to session management from Joomla 3.4.7. The project understands that many of our users are now on Christmas Holiday's so we would like to emphasise that this release only contains bug fixes and whilst we strongly encourage our users to update as soon as practically possible, this update can be left until after any holidays./p h2What's in 3.4.8/h2 pJoomla 3.4.8 fixes some issues found in the 3.4.7 release on Monday to do with browser sessions. All reported bugs from the 3.4.7 update have been fixed in this release:/p ul liUsers were unable to edit or create items after the 3.4.7 update/li lia href="https://github.com/joomla/joomla-cms/issues/8762"Fatal error about connection-gt;stat() not existing on external database connections/a/li liAfter session timeout users could still navigate the backend but without being able to create/edit items or use pagination/filters/li /ul pstrongFor known issues with the 3.4.8 release, see the a href="https://docs.joomla.org/Category:Version_3.4.8_FAQ"Version 3.4.8 FAQ/a in the documentation site./strong. Please note that it is expected that you will be logged out as soon as the update is complete./p pThe Production Leadership Team's goal is to continue to provide regular, frequent updates to the Joomla community. Learn more about Joomla development at the a href="https://developer.joomla.org"Joomla Developer Network/a./pdiv a href="http://feeds.joomla.org/~ff/JoomlaAnnouncements?a=c6fnXUZP4cQ:atdUbUmkmOE:yIl2AUoC8zA"img src="http://feeds.feedburner.com/~ff/JoomlaAnnouncements?d=yIl2AUoC8zA" border="0"/img/a a href="http://feeds.joomla.org/~ff/JoomlaAnnouncements?a=c6fnXUZP4cQ:atdUbUmkmOE:V_sGLiPBpWU"img src="http://feeds.feedburner.com/~ff/JoomlaAnnouncements?i=c6fnXUZP4cQ:atdUbUmkmOE:V_sGLiPBpWU" border="0"/img/a /divimg src="http://feeds.feedburner.com/~r/JoomlaAnnouncements/~4/c6fnXUZP4cQ" height="1" width="1" alt=""/

  • Joomla! 3.4.7 Released
    div figureimg src="https://www.joomla.org/images/joomla34graphic.png" alt="Joomla! 3.4 - Do More" //figure /div pJoomla! 3.4.7 is now available. This is a security release for the 3.x series of Joomla which addresses a critical security vulnerability and one low level security vulnerabilities. We strongly recommend that you update your sites strongimmediately/strong./p pThis release only contains the security fixes; no other changes have been made compared to the Joomla 3.4.6 release./p divimg src="https://www.joomla.org/images/stories/announcements/security.png" alt="Security Release" //div h2What's in 3.4.7/h2 pVersion 3.4.7 is released to address two reported security vulnerabilities and includes security hardening of the MySQLi driver to help prevent object injection attacks./p pThe Joomla Security Strike team has been following up on the critical security vulnerability a href="https://www.joomla.org/index.php?option=com_contentamp;view=articleamp;id=5642amp;catid=36amp;Itemid=156"patched last week/a. Since the recent update it has become clear that the root cause is a bug innbsp;a href="https://bugs.php.net/bug.php?id=70219"PHP itself/a. This was fixed by PHP in September of 2015 with the releases of PHP 5.4.45, 5.5.29, 5.6.13 (Note that this is fixed in all versions of PHP 7 and has been back-ported in some specific Linux LTS versions of PHP 5.3). The only Joomla sites affected by this bug are those which are hosted on vulnerable versions of PHP. We are aware that not all hosts keep their PHP installations up to date so we are making this release to deal with this issue on vulnerable PHP versions./p h3Security Issues Fixed/h3 ul liHigh Priority - Core - Session Hardening (affecting Joomla 1.5 through 3.4.6) a href="https://developer.joomla.org/security-centre/639-20151206-core-session-hardening.html"More information raquo;/a/li liLow Priority - Core - SQL Injection (affecting Joomla 3.0.0 through 3.4.6) a href="https://developer.joomla.org/security-centre/640-20151207-core-sql-injection.html"More information raquo;/a/li /ul pstrongPlease see the documentation wiki for a href="https://docs.joomla.org/Category:Version_3.4.7_FAQ"FAQrsquo;s regarding the 3.4.7 release/a./strong It is important to note that due to some session changes you will not be able to edit items until you log out and log back in again. Please note that there has been a backwards compatibility break regarding how session management is handled. If you are using the documented Joomla API you will have no issues. The changes are fully documented in the release documentation./pdiv a href="http://feeds.joomla.org/~ff/JoomlaAnnouncements?a=m0LJ7eZEX-A:cIyQijdprtk:yIl2AUoC8zA"img src="http://feeds.feedburner.com/~ff/JoomlaAnnouncements?d=yIl2AUoC8zA" border="0"/img/a a href="http://feeds.joomla.org/~ff/JoomlaAnnouncements?a=m0LJ7eZEX-A:cIyQijdprtk:V_sGLiPBpWU"img src="http://feeds.feedburner.com/~ff/JoomlaAnnouncements?i=m0LJ7eZEX-A:cIyQijdprtk:V_sGLiPBpWU" border="0"/img/a /divimg src="http://feeds.feedburner.com/~r/JoomlaAnnouncements/~4/m0LJ7eZEX-A" height="1" width="1" alt=""/

  • Important Security Announcement - Patch Available Soon
    pimg src="https://www.joomla.org/images/stories/announcements/security.png" alt="Security Announcement" //p pA Joomla 3.4.7 release containing a strongsecurity fix/strong will be published today (Monday 21st December) at approximately 21:00 UTC/p pThe Joomla Security Strike team has been following up on the critical security vulnerability a href="https://www.joomla.org/index.php?option=com_contentamp;view=articleamp;id=5641amp;catid=36amp;Itemid=156"patched last week/a. Since the recent update it has become clear that the root cause is a bug in PHP itself. This was fixed by PHP in September of this year (2015) with the releases of PHP 5.4.45, 5.5.29, 5.6.13 (N.B. Fixed in all versions of PHP 7 and has been backported in some specific Linux LTS versions of PHP 5.3). The only Joomla sites affected by this bug are those which are hosted on vulnerable versions of PHP. We are aware that not all hosts keep their PHP installations up to date so we are releasing a Joomla Update later today which contains additional protection for those users. We do of course recommend that all users apply this update as soon as possible./p pFrom Joomla 3.4.6, performing an update to the new version is as simple as logging in and clicking an update button. The update version warning notice will be clearly visible as soon as an administrator logs in. Joomla advises that there are Joomla extensions available that can apply updates automatically./p pAlthough no longer supported officially, the Joomla Security Strike Team plans to issue patches for Joomla versions 1.5 and 2.5./p pUntil the release is out, please understand that we cannot provide any further information./pdiv a href="http://feeds.joomla.org/~ff/JoomlaAnnouncements?a=q2W-_SMxZic:3eA2_SjFyPQ:yIl2AUoC8zA"img src="http://feeds.feedburner.com/~ff/JoomlaAnnouncements?d=yIl2AUoC8zA" border="0"/img/a a href="http://feeds.joomla.org/~ff/JoomlaAnnouncements?a=q2W-_SMxZic:3eA2_SjFyPQ:V_sGLiPBpWU"img src="http://feeds.feedburner.com/~ff/JoomlaAnnouncements?i=q2W-_SMxZic:3eA2_SjFyPQ:V_sGLiPBpWU" border="0"/img/a /divimg src="http://feeds.feedburner.com/~r/JoomlaAnnouncements/~4/q2W-_SMxZic" height="1" width="1" alt=""/

  • Joomla! 3.4.6 Released
    div figureimg src="https://www.joomla.org/images/joomla34graphic.png" alt="Joomla! 3.4 - Do More" //figure /div pJoomla! 3.4.6 is now available. This is a security release for the 3.x series of Joomla which addresses a critical security vulnerability and 4 low level security vulnerabilities. We strongly recommend that you update your sites strongimmediately/strong./p pThis release only contains the security fixes; no other changes have been made compared to the Joomla 3.4.5 release./p divimg src="https://www.joomla.org/images/stories/announcements/security.png" alt="Security Release" //div h2What's in 3.4.6/h2 pVersion 3.4.6 is released to address four reported security vulnerabilities and includes security hardening of the user password reset system./p h3Security Issues Fixed/h3 ul liHigh Priority - Core - Remote Code Execution (affecting Joomla 1.5 through 3.4.5) a href="https://developer.joomla.org/security-centre/630-20151214-core-remote-code-execution-vulnerability.html"More information »/a/li liLow Priority - Core - CRSF Hardening (affecting Joomla 3.2.0 through 3.4.5) a href="https://developer.joomla.org/security-centre/633-20151214-core-csrf-hardening.html"More information »/a/li liLow Priority - Core - Directory Traversal (affecting Joomla 3.2.0 through 3.4.5) a href="https://developer.joomla.org/security-centre/635-20151214-core-directory-traversal-2.html"More information »/a/li liLow Priority - Core - Directory Traversal (affecting Joomla 3.4.0 through 3.4.5) a href="https://developer.joomla.org/security-centre/634-20151214-core-directory-traversal.html"More information »/a/li /ul pstrongPlease see the documentation wiki for a href="https://docs.joomla.org/Category:Version_3.4.6_FAQ"FAQ’s regarding the 3.4.6 release/a./strong/pdiv a href="http://feeds.joomla.org/~ff/JoomlaAnnouncements?a=aUJBcS5oIcU:XiRLsbUuR7Y:yIl2AUoC8zA"img src="http://feeds.feedburner.com/~ff/JoomlaAnnouncements?d=yIl2AUoC8zA" border="0"/img/a a href="http://feeds.joomla.org/~ff/JoomlaAnnouncements?a=aUJBcS5oIcU:XiRLsbUuR7Y:V_sGLiPBpWU"img src="http://feeds.feedburner.com/~ff/JoomlaAnnouncements?i=aUJBcS5oIcU:XiRLsbUuR7Y:V_sGLiPBpWU" border="0"/img/a /divimg src="http://feeds.feedburner.com/~r/JoomlaAnnouncements/~4/aUJBcS5oIcU" height="1" width="1" alt=""/